← Back to Skills Marketplace
xccx

CAN: Clock Address Naming

by xc · GitHub ↗ · v1.9.0
cross-platform ⚠ suspicious
1739
Downloads
0
Stars
0
Active Installs
18
Versions
Install in OpenClaw
/install can
Description
Agent & MCP integration. CAN stamps what flows through any pipe. Verify, name, log locally.
README (SKILL.md)

Version 1.9.0 of CAN focuses on integrating Clock Address Naming with AI agents, specifically those utilizing the Model Context Protocol (MCP).

CAN provides a localized, verifiable naming and storage layer for the data agents retrieve from tools, operating entirely independently of the transport layer.

Architecture: CAN + MCP

MCP handles tool connection and data transport. CAN handles verification, naming, and historical logging of the data retrieved via MCP.

Because CAN is strictly a local operation (computing a hash, timestamping, and writing to a file), it requires zero integration with the MCP server. The server does not need to know CAN exists.

Workflow:

  1. Agent requests data from an MCP tool.
  2. Agent receives the response payload.
  3. Agent locally applies a CAN stamp (WHEN, WHERE, WHAT) to the payload.
  4. Agent logs the stamp to its local index.tsv.

This allows agents to verifiably recall past tool outputs without re-querying the server, proving that the data has not been mutated since it was retrieved.

Agent Implementation Tests

The 1.9.0 release asks agent developers to evaluate CAN as a standard logging and retrieval mechanism. The following tests demonstrate standard agent operations using CAN.

Test 1: Basic Stamping

Agents can natively generate the requirements for a CAN entry using standard system utilities.

WHEN=$(date +%s%3N)
WHERE=$(sha256sum \x3C\x3C\x3C "tool_output_string" | awk '{print $1}')
WHAT="tool_name.result"

echo -e "$WHEN	$WHERE	$WHAT" >> ~/.can/index.tsv

Test 2: Local Verification

Before trusting cached data, agents verify the integrity of the data against the hash (WHERE) stored in the CAN index.

CLAIMED_HASH="a948904f2f0f479b8f8564e9d7e91d9820b5..."
ACTUAL_HASH=$(sha256sum \x3C\x3C\x3C "tool_output_string" | awk '{print $1}')

if [ "$ACTUAL_HASH" = "$CLAIMED_HASH" ]; then
    # Valid (CAN)
else
    # Invalid/Mutated (NOT)
fi

Test 3: Stamping MCP Results

A practical example of an agent logging an MCP tool execution.

# 1. Execute MCP tool
RESULT=$(mcp_call fetch_report "Q3_Data")

# 2. Generate CAN stamp locally
WHEN=$(date +%s%3N)
WHERE=$(echo -n "$RESULT" | sha256sum | awk '{print $1}')
WHAT="fetch_report.Q3_Data SAVE"

# 3. Append to index
echo -e "$WHEN	$WHERE	$WHAT" >> ~/.can/index.tsv

Advantages for Agents

Can optionally works in parallel with location-based naming (e.g., standard file paths) while offering several technical benefits for autonomous agents:

  • Offline Recall: Agents can verify and retrieve past MCP results without network overhead or re-querying the tool.
  • Tamper Evidence: Hash verification guarantees that context injected into prompts is exactly what was originally returned by the tool.
  • Search Optimization: Agents can filter local memory logs by timestamp (WHEN), exact content match (WHERE), or metadata/intent (WHAT).
  • Decoupling: If the MCP server goes offline or the tool's API changes, the historical data remains perfectly addressable and verifiable in the agent's local state.

Version Roadmap

  • 1.8.0: Core CAN specification (WHEN + WHERE + WHAT).
  • 1.9.0 (Current): Agent/MCP integration and local evaluation logs.
  • 2.x (Future): Peer-to-peer verification, physical co-presence proofs, and verifiable exchanges.
Usage Guidance
This skill is coherent and low-risk in itself: it only documents how to locally hash, timestamp, and record tool outputs. Before installing, consider: (1) privacy — any sensitive data returned by tools (API keys, secrets, PII) will be persisted in ~/.can/index.tsv and optionally ~/.can/store; restrict directory permissions and audit what the agent stamps; (2) storage growth — automated agents could write large or many blobs over time; consider retention/rotation; (3) platform compatibility — the SKILL.md assumes sha256sum is available (on some systems you may need shasum -a 256 or install coreutils); (4) agent autonomy — the skill examples show automated stamping of tool outputs; ensure the agent's policy about when and what to stamp matches your expectations. No scanner findings were produced because this is instruction-only; absence of findings is not a substitute for reviewing what your agent will actually log.
Capability Analysis
Type: OpenClaw Skill Name: can Version: 1.9.0 The `SKILL.md` primarily defines a local logging and verification mechanism using standard utilities (`date`, `sha256sum`, `awk`, `echo`) to append to `~/.can/index.tsv`, which is benign. However, the `README.md` includes a 'use case' example that demonstrates an agent using `curl` to fetch data from `api.example.com` and subsequently storing the *full content* of that response in `~/.can/store/$WHERE`. While `api.example.com` is a generic placeholder and the action is presented as an example, the inclusion of a network call (`curl`) and the storage of arbitrary remote content in a documentation file (which an AI agent might interpret as executable instructions) introduces a significant risky capability. This capability could be exploited for data exfiltration or remote code execution if the agent were prompted to fetch from a malicious URL or if the stored content were later executed, thus classifying the bundle as suspicious due to this vulnerability risk.
Capability Assessment
Purpose & Capability
Name/description (local timestamp/hash/name logging for MCP/tool outputs) matches the content of SKILL.md and the minimal requirements (sha256sum, date). The required binaries are exactly those needed to compute timestamps and SHA-256 hashes; no unrelated credentials, network endpoints, or system paths are requested.
Instruction Scope
SKILL.md instructs the agent to compute a timestamp and SHA-256 hash of tool outputs and append a TSV row to ~/.can/index.tsv (and optionally write the payload to ~/.can/store/$HASH). This stays within the stated local logging function. Caution: stamping will persist whatever the agent received (including secrets) to the local CAN store/index — that is expected behavior but a privacy concern the user should consider.
Install Mechanism
Instruction-only skill with no install spec and no archives/third-party downloads. No code is written to disk by the skill itself beyond the agent following simple shell commands; lowest install risk.
Credentials
No environment variables, credentials, or config paths are required. The SKILL.md examples reference only standard user-home locations (~/.can) and standard CLI utilities; requested access is proportional to the stated functionality.
Persistence & Privilege
always is false, the skill does not request forced/always-on presence, and it does not modify other skills or system-wide configs. The only persistent effect described is writing an append-only log under the user's home directory, which is consistent with the purpose.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install can
  3. After installation, invoke the skill by name or use /can
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.9.0
- Adds agent and Model Context Protocol (MCP) integration, enabling agents to locally stamp, verify, and log data received from MCP tools. - CAN now serves as a local, verifiable naming and storage layer for agent tool outputs, decoupled from network transport. - Introduces shell-based agent implementation tests for stamping, verifying, and logging MCP results using CAN. - Updates metadata: now only requires basic utilities (`sha256sum`, `date`). - Documentation rewritten and reorganized to directly address agent developers and outline the workflow and advantages of using CAN for autonomous agent memory.
v1.8.0
## Summary: Documentation improvements and clarifications. - Updated SKILL.md with clearer and more concise technical explanations. - Clarified time addressing as "limited linear time" in How section. - Improved natural language for consistency and brevity throughout documentation. - Corrected and streamlined examples and explanations on naming, searching, and falsification. - No code or logic changes; documentation only.
v1.7.1
Version 1.7.1 (Skill: can) - Documentation (SKILL.md) updated; no code or logic changes. - No user-facing behavior or feature modifications. - All project usage, commands, and interfaces remain the same.
v1.7.0
Version 1.7.0 is a major rewrite focused on simplicity and core concepts. - Completely overhauled SKILL.md: now concise, focused on core principles (WHERE/WHEN/WHAT). - Significant reduction in scope and length; detailed trust/Web of Trust mechanics removed or deferred. - README.md updated to align with new conceptual focus and simplified language. - Key ideas clarified: CAN as logical, verifiable naming by hash, clock, and name; trust, routing, scoping now out of band. - All previous detailed policy and trust mechanisms moved out, making the skill much easier to read and adopt.
v1.6.1
**CAN v1.6.1 introduces explicit Web of Trust (WOT) with recursive scopes and trust computed from evidence.** - Adds trust as a computable metric, accumulated from SAWs (verified events) rather than declared by authority. - Defines recursive scopes (SELF, PAIR, GROUP, REGION, PLANET), each with its own trust boundaries and policies. - Introduces vouching as a SAW action, enabling evidence-based scope enrollment and flexible trust flows. - Describes trust computation by SAW count, recency, vouches, and CANT (falsified) evidence. - Clarifies that sharing is explicit and index data is not broadcast by default. - No changes to index format; WOT is fully compatible with existing CAN logs.
v1.6.0
**v1.6.0 introduces WOT (Web of Trust) with recursive scoped trust.** - Adds WOT: agents accumulate trust using evidence (SAWs), not central authorities. - Introduces trust scopes (SELF, PAIR, GROUP, REGION, PLANET), each with its own index and boundary. - Trust is computed from SAW logs (verifications, vouches, and absence of CANTs). - Enrollment into scopes is based on vouching (logging a SAW), with flexible policies (OPEN, VOUCHED, KEYED, BUMPED). - Trust can be evaluated directly and transitively (trust paths/chains). - No changes to index format; WOT is integrated as new WHY values in SAW logs.
v1.5.0
CAN 1.5.0 - Major update: adds CAN-saw operation—agents can now log when they verify and cache content, building a distributed routing table from firsthand sightings (“SAWs”). - README and docs revised to explain SAW/LOG model; introduces concept of “say what you see, LOG what you saw.” - CAN routing, verification, and cache operations unified under a single six-column index (collapsing three tables of NDN into one). - New event types and sample shell logic added for logging SAW, cache, share, and reject (CANT) events. - Clarifies the shift toward CLOCK-based addressing and its benefits for human and machine collaboration.
v1.4.1
CAN 1.4.1 - Added installation requirements to metadata: now explicitly lists `openssl`, `base64`, `awk`, `date` as required binaries in addition to `sha256sum`. - SKILL.md now notes platform-specific details for hashing commands and WHO generation on Linux, macOS, and Windows. - Clarifies that WHO-1 signing requires `openssl` and that macOS may use `shasum -a 256` rather than `sha256sum`. - Recommends backing up the `~/.can/who.key` file for WHO-1 identity persistence.
v1.4.0
Version 1.4.0 — Expands CAN to 6D naming and routing. - Adds three new naming axes: WHAT (bits), WHY (intent/bag), and WHO (identity/fingerprint), alongside WHEN, WHERE, and HOW. - Updates the README and SKILL.md to explain 6D (six-dimension) CAN model and operations. - Describes three WHO identity tiers (from local session to portable identity), and expands use cases for each. - Index format now supports six columns: WHEN, WHERE, HOW, WHY, WHO, PATH. - Clarifies intent tags (SAVE, GOOD, HUSH, POST) and identity assignment in stamping/storing. - Updates sample bash snippets to show new 6D stamp and index logging.
v1.3.2
Version 1.3.2 - Documentation updates only; no code or functional changes. - Minor edits were made to the README.md and SKILL.md files. - No new features or breaking changes introduced.
v1.3.1
CAN 1.3.1 - Improved documentation for finding content by hash ("CAN-locate") with clearer, privacy-respecting search order and store/index priority. - Updated language for clarity and consistency (e.g., “location” vs. “Location”). - Fixed minor typos and removed duplicate words in skill description and background rationale.
v1.3.0
Version 1.3.0 - Adds routing: content can now be found by name/address across local store, peers, relays, or web. - Refines naming: addresses are now CLOCK (when), ADDRESS (where/SHA-256), and NAMES (how humans refer, mutable and plural). - Index format updated: now logs sightings (CLOCK, ADDRESS, NAME, PATH, BAG), enabling provenance and movement tracking. - Clarifies core operations: simplified instructions for naming, storing, finding, and verifying content. - Improved documentation: emphasis on zero switching cost and practical use for both agents and humans.
v1.2.2
- Updated the metadata section to use a config object with "stateDirs" instead of "config_path" for improved configuration schema. - No other content or feature changes.
v1.2.1
- Added metadata field: `"config_path":"~/.can"` to skill metadata for clearer configuration management. - No other changes to logic or features. Documentation and usage remain the same.
v1.2.0
**Summary:** This update introduces zero switching cost and clarifies how nameables/metadata can float outside or be committed into hashes. - Added section on "Zero switching cost" — CAN now runs entirely in parallel with existing file paths, requiring no workflow changes. - Clarified use of nameables: metadata is mutable and separate by default, but can be "baked into" a hash for permanence when needed. - Improved documentation around metadata: clearly distinguishes between floating (mutable) and committed (immutable) naming metadata. - Stressed that all CAN usage is optional, lightweight, and easily reverted. - No functional or code changes; documentation and philosophy improvements only.
v1.1.0
- Added LICENSE.txt for explicit licensing information. - Documentation now includes a fourth "WHO" pole (identity) with signing instructions. - Expanded "CAN-sign" section to detail Nostr and other signature/identity options. - Clarifies the optional nature of the WHO field and multi-protocol support. - Minor documentation cleanups and clarification.
v1.0.1
- Initial public release of the CAN skill for three-pole content naming. - Provides naming by CLOCK (timestamp), ADDRESS (SHA-256 hash), and NAMEABLE (human petname). - Enables verifiable content integrity, event timestamping, and content location by time, hash, or petname. - Includes command-line examples for stamping, verifying, storing, and searching CAN entries. - Designed for both agents and humans to find, trust, and share content reliably.
v1.0.0
Initial release of the "can" skill — three-pole naming for agents. - Implements CLOCK (timestamp), ADDRESS (SHA-256 hash), and optional NAMEABLE (petname) identifiers for any content. - Provides bash-ready examples for stamping, verifying, storing, and searching content by time, hash, or human label. - Details use cases for content verification, local storage, and inter-agent trust without reliance on file paths. - Includes a simple, human-readable index format for efficient lookup and management. - Outlines future directions for identity signatures and timer entries.
Metadata
Slug can
Version 1.9.0
License
All-time Installs 0
Active Installs 0
Total Versions 18
Frequently Asked Questions

What is CAN: Clock Address Naming?

Agent & MCP integration. CAN stamps what flows through any pipe. Verify, name, log locally. It is an AI Agent Skill for Claude Code / OpenClaw, with 1739 downloads so far.

How do I install CAN: Clock Address Naming?

Run "/install can" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is CAN: Clock Address Naming free?

Yes, CAN: Clock Address Naming is completely free (open-source). You can download, install and use it at no cost.

Which platforms does CAN: Clock Address Naming support?

CAN: Clock Address Naming is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created CAN: Clock Address Naming?

It is built and maintained by xc (@xccx); the current version is v1.9.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments